add endpoint to update api key with provided value

Author: 4rthem

apps/api/src/app/environments-v1/dtos/update-api-key-request.dto.ts

@@ -0,0 +1,8 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsString } from 'class-validator';
+
+export class UpdateApiKeyRequestDto {
+  @ApiProperty()
+  @IsString()
+  apiKey: string;
+}

apps/api/src/app/environments-v1/e2e/update-api-key.e2e.ts

@@ -0,0 +1,30 @@
+import { NOVU_ENCRYPTION_SUB_MASK } from '@novu/shared';
+import { UserSession } from '@novu/testing';
+import { expect } from 'chai';
+
+describe('Environment - Update Api Key #novu-v0-os', async () => {
+  let session: UserSession;
+
+  before(async () => {
+    session = new UserSession();
+    await session.initialize();
+  });
+
+  it('should update an Api Key', async () => {
+    const {
+      body: { data: oldApiKeys },
+    } = await session.testAgent.get('/v1/environments/api-keys').send({});
+    const oldApiKey = oldApiKeys[0].key;
+    expect(oldApiKey).to.not.contains(NOVU_ENCRYPTION_SUB_MASK);
+
+    const newKey = 'my-new-api-key-123456-of-32chars';
+    const {
+      body: { data: newApiKeys },
+    } = await session.testAgent.post('/v1/environments/api-keys/update').send({
+      apiKey: newKey,
+    });
+
+    const newApiKey = newApiKeys[0].key;
+    expect(newApiKey).to.equals(newKey);
+  });
+});

apps/api/src/app/environments-v1/environments-v1.controller.ts

@@ -48,6 +48,9 @@ import { GetMyEnvironments } from './usecases/get-my-environments/get-my-environ
 import { RegenerateApiKeys } from './usecases/regenerate-api-keys/regenerate-api-keys.usecase';
 import { UpdateEnvironmentCommand } from './usecases/update-environment/update-environment.command';
 import { UpdateEnvironment } from './usecases/update-environment/update-environment.usecase';
+import { UpdateApiKeyCommand } from './usecases/update-api-key/update-api-key.command';
+import { UpdateApiKeyRequestDto } from './dtos/update-api-key-request.dto';
+import { UpdateApiKey } from './usecases/update-api-key/update-api-key.usecase';
 
 /**
  * @deprecated use EnvironmentsControllerV2
@@ -63,6 +66,7 @@ export class EnvironmentsControllerV1 {
     private updateEnvironmentUsecase: UpdateEnvironment,
     private getApiKeysUsecase: GetApiKeys,
     private regenerateApiKeysUsecase: RegenerateApiKeys,
+    private updateApiKeyUsecase: UpdateApiKey,
     private getEnvironmentUsecase: GetEnvironment,
     private getMyEnvironmentsUsecase: GetMyEnvironments,
     private deleteEnvironmentUsecase: DeleteEnvironment,
@@ -209,6 +213,24 @@ export class EnvironmentsControllerV1 {
     return await this.regenerateApiKeysUsecase.execute(command);
   }
 
+  @Post('/api-keys/update')
+  @ApiResponse(ApiKey, 201, true)
+  @ApiExcludeEndpoint()
+  @RequirePermissions(PermissionsEnum.API_KEY_WRITE)
+  async updateOrganizationApiKeys(
+    @UserSession() user: UserSessionData,
+    @Body() payload: UpdateApiKeyRequestDto
+  ): Promise<ApiKey[]> {
+    const command = UpdateApiKeyCommand.create({
+      userId: user._id,
+      organizationId: user.organizationId,
+      environmentId: user.environmentId,
+      apiKey: payload.apiKey,
+    });
+
+    return await this.updateApiKeyUsecase.execute(command);
+  }
+
   @Delete('/:environmentId')
   @ApiOperation({
     summary: 'Delete an environment',

apps/api/src/app/environments-v1/usecases/index.ts

@@ -7,6 +7,7 @@ import { GetEnvironment } from './get-environment';
 import { GetMyEnvironments } from './get-my-environments/get-my-environments.usecase';
 import { RegenerateApiKeys } from './regenerate-api-keys/regenerate-api-keys.usecase';
 import { UpdateEnvironment } from './update-environment/update-environment.usecase';
+import { UpdateApiKey } from './update-api-key/update-api-key.usecase';
 
 export const USE_CASES = [
   GetMxRecord,
@@ -15,6 +16,7 @@ export const USE_CASES = [
   GenerateUniqueApiKey,
   GetApiKeys,
   RegenerateApiKeys,
+  UpdateApiKey,
   GetEnvironment,
   GetMyEnvironments,
   DeleteEnvironment,

apps/api/src/app/environments-v1/usecases/update-api-key/update-api-key.command.ts

@@ -0,0 +1,8 @@
+import { EnvironmentWithUserCommand } from '../../../shared/commands/project.command';
+import { IsNotEmpty, IsString } from 'class-validator';
+
+export class UpdateApiKeyCommand extends EnvironmentWithUserCommand {
+  @IsNotEmpty()
+  @IsString()
+  readonly apiKey: string;
+}

apps/api/src/app/environments-v1/usecases/update-api-key/update-api-key.usecase.ts

@@ -0,0 +1,43 @@
+import { BadRequestException, Injectable } from '@nestjs/common';
+import { decryptApiKey, encryptApiKey } from '@novu/application-generic';
+import { EnvironmentRepository } from '@novu/dal';
+import { createHash } from 'crypto';
+import { ApiKeyDto } from '../../dtos/api-key.dto';
+import { UpdateApiKeyCommand } from './update-api-key.command';
+
+@Injectable()
+export class UpdateApiKey {
+  constructor(
+    private environmentRepository: EnvironmentRepository,
+  ) {}
+
+  async execute(command: UpdateApiKeyCommand): Promise<ApiKeyDto[]> {
+    const environment = await this.environmentRepository.findOne({ _id: command.environmentId });
+
+    if (!environment) {
+      throw new BadRequestException(`Environment id: ${command.environmentId} not found`);
+    }
+
+    const key = command.apiKey;
+    if (key.length < 32) {
+      throw new BadRequestException(`API key must be at least 32 characters long`);
+    }
+
+    const encryptedApiKey = encryptApiKey(key);
+    const hashedApiKey = createHash('sha256').update(key).digest('hex');
+
+    const environments = await this.environmentRepository.updateApiKey(
+      command.environmentId,
+      encryptedApiKey,
+      command.userId,
+      hashedApiKey
+    );
+
+    return environments.map((item) => {
+      return {
+        _userId: item._userId,
+        key: decryptApiKey(item.key),
+      };
+    });
+  }
+}